Comprehensive Guide to Installing Nginx, Configuring Reverse Proxy, Load Balancing, SSL, Keepalived, and LVS High‑Availability

This guide starts with downloading the stable Nginx package, installing required dependencies ( yum install gcc-c++ , yum install -y pcre pcre-devel , yum install -y zlib zlib-devel , yum install -y openssl openssl-devel ), extracting the source, creating a temporary directory, and configuring the build with ./configure \ --prefix=/usr/local/nginx \ ... . After compilation ( make and make install ) the server is started with nginx , stopped with ./nginx -s stop , and reloaded with ./nginx -s reload .

Next, a reverse‑proxy is defined using an upstream block that lists backend servers and a server block that forwards requests via proxy_pass . Various load‑balancing strategies are demonstrated: weighted round‑robin, ip_hash , URL hash ( hash $request_url ), and least connections ( least_conn ), each with the appropriate upstream syntax.

The document also lists useful upstream parameters such as max_conns , slow_start , down , backup , max_fails , and fail_timeout , and shows how to enable keep‑alive connections and control browser caching with expires directives.

For HTTPS, the SSL module is enabled in the configure step ( --with-http_ssl_module ), certificates and keys are copied to /usr/local/nginx/conf , and a server block listening on port 443 is added with the appropriate ssl_certificate , ssl_certificate_key , and cipher settings.

High availability is achieved by installing Keepalived, creating a script ( /etc/keepalived/check_nginx_alive_or_not.sh ) that restarts Nginx when it crashes, and configuring keepalived.conf with a global_defs section, a vrrp_instance for master/backup roles, and a track_script to monitor Nginx. Systemd commands ( systemctl start/stop/restart keepalived.service ) manage the service.

The guide then explains LVS (Linux Virtual Server) concepts, compares NAT, TUN, and DR modes, and walks through a DR‑mode deployment: disabling NetworkManager, creating virtual interfaces (e.g., ifcfg-ens33:1 ), configuring ARP settings in /etc/sysctl.conf , adding a static route, and installing ipvsadm . Cluster rules are added with commands such as ipvsadm -A -t 192.168.1.150:80 -s rr -p 5 and real servers are attached using ipvsadm -a -t 192.168.1.150:80 -r 192.168.1.171:80 -g . The configuration is saved with ipvsadm -S and verified via ipvsadm -Ln --stats .

Finally, the article shows how to combine Keepalived with LVS and Nginx to build a fully redundant load‑balancing cluster, providing configuration snippets for both the master and backup LVS nodes, including health checks ( TCP_CHECK ) and persistence settings.